Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

snmp error in packet. reason noaccess

Posted on 2016-09-17
30
Medium Priority
?
906 Views
Last Modified: 2016-09-22
Hello Expert,

I try to use snmpset with below command

snmpset -v 3 -c public -u netadmin -l authPriv -a MD5 -A password localhost .1.3.6.1.4.1.88888.1.9.1.1.2 s "111111"

the OID .1.3.6.1.4.1.88888.1.9.1.1.2 is read-write

Thank you.
0
Comment
Question by:trazodone
  • 20
  • 10
30 Comments
 
LVL 80

Assisted Solution

by:arnold
arnold earned 2000 total points
ID: 41803394
The SNMP community public is a read-only and should not be changed.
Make sure you have a read/write community and it is used with the -c parameter.
You are using snmpv3.
Check whether when using snmpv3 specifying a community is necessary.
Exclude the -c public and see if the behavior changes
0
 

Author Comment

by:trazodone
ID: 41804193
I used command sudo ./snmpwalk -v 3 -u netadmin -l authPriv -a MD5 -A password -x DES -X password localhost .1.3.6.1.4.1.88888.1

and I have got info SNMPv2-SMI::enterprises.88888.1.7.1.0 = Hex-STRING: 00

Next, I tried to snmpset the OID .1.3.6.1.4.1.88888.1.7.1.0

sudo ./snmpset -v 3 -u netadmin -l authPriv -a MD5 -A password -x DES -X password localhost .1.3.6.1.4.1.88888.1.7.1.0 s "OPEN"
Error in packet.
Reason: noAccess
Failed object: SNMPv2-SMI::enterprises.88888.1.7.1.0

without -c public. I have got the same error

I am wondering it seems OID .1.3.6.1.4.1.88888.1.7.1.0 dows not exist?

Thank you.
0
 

Author Comment

by:trazodone
ID: 41804195
Additional

I tried snmpget and seems OID .1.3.6.1.4.1.88888.1.7.1.0 exist

sudo ./snmpget -v 3 -u netadmin -l authPriv -a MD5 -A password -x DES -X password localhost .1.3.6.1.4.1.88888.1.7.1.0
SNMPv2-SMI::enterprises.88888.1.7.1.0 = Hex-STRING: 00
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

 

Author Comment

by:trazodone
ID: 41804198
Data types ids hex-string so I tried with option x

sudo ./snmpset -v 3 -u netadmin -l authPriv -a MD5 -A password -x DES -X password localhost .1.3.6.1.4.1.88888.1.7.1.0 x "OPEN"
.1.3.6.1.4.1.88888.1.7.1.0: Bad value notation (OPEN)

and

sudo ./snmpset -v 3 -u netadmin -l authPriv -a MD5 -A password -x DES -X password localhost .1.3.6.1.4.1.88888.1.7.1.0 x "0x2D"
Error in packet.
Reason: noAccess

Not success :)
0
 
LVL 80

Assisted Solution

by:arnold
arnold earned 2000 total points
ID: 41804206
You do not need to run sudo, since you are using snmpv3 with auth.

Have not had a chance to check whether the OID you are trying to update ......

Do you have the option, to configure a read/write community as well as use snmpv2 to perform the same set attempt?
0
 

Author Comment

by:trazodone
ID: 41804208
Without sudo

 ./snmpset -v 3 -u netadmin -l authPriv -a MD5 -A password -x DES -X password localhost .1.3.6.1.4.1.88888.1.7.1.0 x "01"
Error in packet.
Reason: noAccess
Failed object: SNMPv2-SMI::enterprises.88888.1.7.1.0

without sudo with -v 2c

./snmpset -v 2c -c public -u netadmin -l authPriv -a MD5 -A password -x DES -X password localhost .1.3.6.1.4.1.88888.1.7.1.0 x "01"
Timeout: No Response from localhost

look better but timeout

Will you plese guide how  to configure a read/write community?

Thank you
0
 
LVL 80

Assisted Solution

by:arnold
arnold earned 2000 total points
ID: 41804213
Try s instead of X when setting 'open'

String, hex data.
Try s '0x2D' as the new value.
0
 

Author Comment

by:trazodone
ID: 41804216
./snmpset -v 2c -c public -u netadmin -l authPriv -a MD5 -A password -x DES -X password localhost .1.3.6.1.4.1.88888.1.7.1.0 x "0x2D"
Timeout: No Response from localhost
0
 

Author Comment

by:trazodone
ID: 41804221
My snmpd.conf contains

rouser netadmin
rouser netadmin
rwcommunity public

Restart snmpd and snmpset is timeout

Thanks
0
 
LVL 80

Assisted Solution

by:arnold
arnold earned 2000 total points
ID: 41804239
Public should never be set as rw community.

Your netadmin are set as read only user which ....


Within snmpd.conf there is a seccontext

Common,y, there is a commented section dealing with defining community as read-write.
0
 
LVL 80

Accepted Solution

by:
arnold earned 2000 total points
ID: 41804248
Com2sec use this to define snmpv2 community, network.

com2sec local any newscommunity

Do you have rwuser netadmin ? Instead of rouser?
0
 

Author Comment

by:trazodone
ID: 41804264
No I don't have rwuser netadmin and the snmpd.conf is empty file
0
 

Author Comment

by:trazodone
ID: 41804268
I just modified rwuser netadmin. Restart snmpd and result is timeout. How do I add com2sec?

Thank you.
0
 
LVL 80

Assisted Solution

by:arnold
arnold earned 2000 total points
ID: 41804270
Where did you get the snmpd.conf which linux OS are you working on.

Usually the snmpd.conf includes an example settings but by default it is set to minimal information
snmpwalk -v 2c -s public localhost will only output the bare minimum, system name, system location, system operator

it indicates that additional configuration is needed using the com2sec where you can define different community strings, groups and networks from which it can be queried.

rwuser netadmin
versus  
rouser netadmin as you posted should change the behavior.....

but snmpd.conf should not be empty, this is where all the OID are defined .....
0
 

Author Comment

by:trazodone
ID: 41804272
I add

#       sec.name  source          community
com2sec local     localhost       COMMUNITY

to snmpd.conf

Result=timeout
0
 

Author Comment

by:trazodone
ID: 41804277
Command

 ./snmpwalk -v 2c -c public localhost
Timeout: No Response from localhost

Location of file snmpd.conf

/usr/local/share/snmp/snmpd.conf

This file may not be a correct snmpd.conf I am finding other snmpd.conf
0
 

Author Comment

by:trazodone
ID: 41804281
I found snmpd.conf example file which contains com2sec. How can I bring this file to be a snmpd.conf of snmpd application?

File located here
/home/tee/alarmbox/applications/net-snmp-5.7.3/python/netsnmp/tests/snmpd.conf
0
 

Author Comment

by:trazodone
ID: 41804282
My linux

uname -a
Linux ubuntu 3.13.0-74-generic #118~precise1-Ubuntu SMP Fri Dec 18 10:39:27 UTC 2015 i686 i686 i386 GNU/Linux
0
 
LVL 80

Assisted Solution

by:arnold
arnold earned 2000 total points
ID: 41804294
often, the snmpd.conf file is in /etc/snmp/snmpd.conf

http://manpages.ubuntu.com/manpages/wily/man5/snmpd.conf.5.html

try the following, run
snmpconf -g basec_setup

This is a perl script that will prompt you for information and then will create the snmpd.conf file.......
0
 

Author Comment

by:trazodone
ID: 41804354
I used snmpconf which create snmpd.conf at path

/usr/local/share/snmp

snmpd.conf content below

###########################################################################
#
# snmpd.conf
#
#   - created by the snmpconf configuration program
#









###########################################################################
# SECTION: Access Control Setup
#
#   This section defines who is allowed to talk to your running
#   snmp agent.

# rwuser: a SNMPv3 read-write user
#   arguments:  user [noauth|auth|priv] [restriction_oid]

rwuser  netadmin

# rwcommunity: a SNMPv1/SNMPv2c read-write access community name
#   arguments:  community [default|hostname|network/bits] [oid]

rwcommunity  public
0
 

Author Comment

by:trazodone
ID: 41804360
Update

tee@ubuntu:~/alarmbox/applications/net-snmp-5.7.3/apps$ ./snmpset -v 2c -c public -u netadmin -l authPriv -a MD5 -A password -x DES -X password 127.0.0.1 .1.3.6.1.4.1.88888.1.7.1.0 x "0x2D"
Error in packet.
Reason: notWritable (That object does not support modification)
Failed object: SNMPv2-SMI::enterprises.88888.1.7.1.0

I can confirm that files .c and .h config this OID read-write. Do you know how to check if OID can be modify?

Thank you.
0
 

Author Comment

by:trazodone
ID: 41804365
My mistake the OID is read-only. Let me modify MIB file .c and .h and try again.

Thank you.
0
 

Author Comment

by:trazodone
ID: 41804404
Hello I found another error

tee@ubuntu:/opt/snmp/bin$ ./snmpget -v 3 -u netadmin -l authPriv -a MD5 -A password -x DES -X password localhost .1.3.6.1.4.1.88888.1.7.1.0
SNMPv2-SMI::enterprises.88888.1.7.1.0 = STRING: "UNKNOWN_STATUS"

tee@ubuntu:/opt/snmp/bin$ ./snmpset -v 2c -c public -u netadmin -l authPriv -a MD5 -A password -x DES -X password 127.0.0.1 .1.3.6.1.4.1.88888.1.7.1 s "OPEN"
Error in packet.
Reason: noCreation (That table does not support row creation or that object can not ever be created)
Failed object: SNMPv2-SMI::enterprises.88888.1.7.1

Thank you.
0
 

Author Comment

by:trazodone
ID: 41804413
Finally

./snmpset -v 2c -c public -u netadmin -l authPriv -a MD5 -A password -x DES -X password 127.0.0.1 .1.3.6.1.4.1.88888.1.7.1.0 s "OPEN"
SNMPv2-SMI::enterprises.88888.1.7.1.0 = STRING: "OPEN"

Seems it is working but when I tried snmpget

tee@ubuntu:/opt/snmp/bin$ ./snmpget -v 2c -c public -u netadmin -l authPriv -a MD5 -A password -x DES -X password localhost .1.3.6.1.4.1.88888.1.7.1.0
SNMPv2-SMI::enterprises.88888.1.7.1.0 = STRING: "UNKNOWN_STATUS"
tee@ubuntu:/opt/snmp/bin$

Do you have idea why it is "UNKNOWN_STATUS"

Thank you.
0
 
LVL 80

Expert Comment

by:arnold
ID: 41804549
In prior, the definition as hex string, open, is not valid. Your other attempts had 0x2D does setting that make a difference?
0
 

Author Comment

by:trazodone
ID: 41804568
Hello

It is difference <mib>.c file so the x "0x2D" is not exist anymore. The new one is s "OPEN"

tee@ubuntu:/opt/snmp/bin$ ./snmpget -v 2c -c public -u netadmin -l authPriv -a MD5 -A password -x DES -X password localhost .1.3.6.1.4.1.88888.1.7.1.0
SNMPv2-SMI::enterprises.88888.1.7.1.0 = STRING: "UNKNOWN_STATUS"
tee@ubuntu:/opt/snmp/bin$
0
 
LVL 80

Expert Comment

by:arnold
ID: 41804657
I do not know which MIB you are using, in your prior response, the field type was indicated as HEX: String....
nor whether this SNMP OID when open is set, triggers an event at which point the status of the item is unknown.
0
 

Author Comment

by:trazodone
ID: 41810068
Hello Arnold,

Finally I is working once I config the snmpd.config with com2sec. Thank you. I will soon close this topic. Do you have additional info?
0
 
LVL 80

Expert Comment

by:arnold
ID: 41810085
Info? I have, ir think I have broad knowledge, need to understand what additional info or concern, considerations you have in mind.
0
 

Author Closing Comment

by:trazodone
ID: 41810155
Thank you.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Fine Tune your automatic Updates for Ubuntu / Debian
I have written articles previously comparing SARDU and YUMI.  I also included a couple of lines about Easy2boot (easy2boot.com).  I have now been using, and enjoying easy2boot as my sole multiboot utility for some years and realize that it deserves …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses
Course of the Month9 days, 19 hours left to enroll

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question